Overview of SSH to interact with Remote Servers (PART-III)
This article will teach you about the concepts related to SSH such as the sshd daemon, updating ssh config files, and restarting sshd using the systemctl or service commands. You will also go through the details of passwordless login and the ability to run commands remotely via ssh, and you will understand how to set up parallel ssh (PSSH) and then run commands on multiple Linux systems in parallel.
In Continuation of PART I, PART II
Let’s get started.
Connect to Remote Servers from Windows using Powershell as well as WSL
On Windows, you can either use PowerShell to run ssh commands and connect to remote servers, or use a Linux environment that is set up using WSL and connect to remote servers via SSH from there.
Understand how to connect to remote servers from Windows using PowerShell.
To connect to the remote server from Windows using PowerShell, open PowerShell and use the following command,
ssh -i .\gsdemo.pem ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com
To connect from Linux that is set up using WSL, get into WSL by using the wsl command in PowerShell.
As you can see above, the permissions for the gsdemo.pem file are 777, which means it has read, write and execute permissions for the user, group and others.
The connection is refused because gsdemo.pem has 777 permissions; ssh reports bad permissions. Update the permissions for the gsdemo.pem file.
Instead of updating permissions for the gsdemo.pem file that is accessed from Windows, copy the pem file to the .ssh folder.
Use the cd command to change to the home directory, then use the ls -altr|grep .ssh command to check if there's a .ssh folder in your home directory.
If you can’t find the .ssh folder, run the ssh-keygen command and hit enter whenever it prompts you; eventually the folder is created.
Copy the gsdemo.pem file from the Windows home directory to the Linux home directory using the following command (the path is quoted because the Windows user name contains a space),
cp "/mnt/c/Users/Chaitanya varma/gsdemo.pem" ~/.ssh
Validate if the file is copied by using the ls -ltr ~/.ssh command.
Even now you won’t be able to connect to the remote server because the file doesn’t have appropriate permissions; the permissions should either be 400 or 600.
Change the permissions of the gsdemo.pem file to 400 by using the following command,
chmod 400 ~/.ssh/gsdemo.pem
Now you can connect to the instance by using the command,
ssh -i ~/.ssh/gsdemo.pem ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com
Exit from the remote server by using exit.
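The copy-then-restrict steps above, as an added shell example that is not part of the original article: key_mode_ok applies the rule ssh applies to a private key (no group or other permission bits set), and install_key copies the file with mode 400 in a single step. Both function names are hypothetical, and stat -c assumes GNU coreutils as shipped on Ubuntu.

```sh
#!/bin/sh
# Added example: copy a private key into place and confirm ssh will accept its mode.
# The path in the usage line is the one from this article; stat -c is GNU coreutils.

# Return 0 when no group/other permission bit is set on the file,
# which is the condition ssh enforces on private keys (400 and 600 both pass).
key_mode_ok() {
  mode=$(stat -c '%a' "$1") || return 2   # e.g. 777, 600, 400
  [ $(( 0$mode & 077 )) -eq 0 ]           # leading 0 makes the value octal
}

# Copy src into dir as a read-only key. install(1) sets the mode as it
# creates the file, so the copy never sits on disk with open permissions.
install_key() {
  src=$1 dir=$2
  mkdir -p "$dir" && chmod 700 "$dir" || return 1
  dest="$dir/$(basename "$src")"
  install -m 400 "$src" "$dest" || return 1
  key_mode_ok "$dest" && printf '%s\n' "$dest"
}

# Usage (WSL): install_key "/mnt/c/Users/<you>/gsdemo.pem" "$HOME/.ssh"
```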
Setup pssh or parallel ssh on Ubuntu Linux
parallel ssh (pssh) is a program for running ssh in parallel on multiple remote hosts. Check if parallel-ssh is available on your host by using parallel-ssh --help; it lists the control arguments related to parallel-ssh.
If parallel-ssh is not available in your host use the following command to install parallel-ssh.
sudo apt -y install pssh
If you try to use pssh it won’t work, so create a soft link for parallel-ssh.
To get the fully qualified path of parallel-ssh, use the which parallel-ssh command.
To create a soft link for parallel-ssh use the command,
sudo ln -s /usr/bin/parallel-ssh /usr/bin/pssh
Validate soft link creation by using the following command,
ls -ltr /usr/bin/parallel-ssh
Now you can use either pssh or parallel-ssh to run parallel-ssh commands.
Run Commands on multiple servers using parallel ssh or pssh
To run commands on multiple servers using parallel ssh or pssh, you can use the following command,
pssh -i -H ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com -H ubuntu@ec2-54-160-228-170.compute-1.amazonaws.com -x "-i ~/.ssh/gsdemo.pem" "ls -ltr"
Make sure to log in to both instances once before using pssh.
Here, -i is used to view the output for the command.
-H is the control argument to read the hosts; ubuntu is the host, ec2-50-17-9-239.compute-1.amazonaws.com is the first IPV4DNS, and ec2-54-160-228-170.compute-1.amazonaws.com is the second IPV4DNS.
Use your IPV4DNS in place of these IPV4DNS.
Pass your pem file details with the help of the -x control argument, and -i with the location of your pem file.
ls -ltr is the command you run on both the remote servers.
You can also write the command this way, which is nothing but line breaking so that the command is easy to read.
pssh -i \
-H ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com \
-H ubuntu@ec2-54-160-228-170.compute-1.amazonaws.com \
-x "-i ~/.ssh/gsdemo.pem" \
"ls -ltr"
In this case, you can run the ls -ltr command on multiple EC2 instances or remote servers at the same time using parallel-ssh or pssh.
Run Commands on multiple servers using pssh using the hosts file
While running commands on multiple servers using pssh, the command becomes very long when you use -H and give multiple instance ids, so use a hosts file to simplify the pssh command.
Create a hosts file with both the IPV4DNS inside it by using vi hosts.txt. Then type I, insert both the host names and instances' IPV4DNS in that file, and save the file by pressing esc and :x.
Now you pass the host file with the -h control argument. The command is,
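An added example, not from the original article, of a hosts file and the pssh -h call that reads it. write_hosts, check_hosts and run_on_hosts are hypothetical helper names; the check rejects entries that are not plain [user@]host[:port], such as host names pasted from a web page with typographic dashes in place of hyphens.

```sh
#!/bin/sh
# Added example: build hosts.txt, sanity-check it, then fan out with pssh -h.
# Host names and key path are the ones used in this article; replace with yours.

write_hosts() {   # $1 = path of the hosts file to create
  cat > "$1" <<'EOF'
# one [user@]host[:port] entry per line
ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com
ubuntu@ec2-54-160-228-170.compute-1.amazonaws.com
EOF
}

# Return 0 only if every entry is plain ASCII [user@]host[:port].
# Blank lines and lines starting with # are skipped.
check_hosts() {
  bad=0
  while IFS= read -r line || [ -n "$line" ]; do
    case $line in ''|'#'*) continue ;; esac
    if ! printf '%s\n' "$line" |
         LC_ALL=C grep -Eq '^([A-Za-z0-9._-]+@)?[A-Za-z0-9.-]+(:[0-9]+)?$'; then
      echo "bad hosts entry: $line" >&2
      bad=1
    fi
  done < "$1"
  return "$bad"
}

run_on_hosts() {  # $1 = hosts file, $2 = command to run on every host
  check_hosts "$1" || return 1
  pssh -i -h "$1" -x "-i ~/.ssh/gsdemo.pem" "$2"
}

# Usage: write_hosts hosts.txt && run_on_hosts hosts.txt "ls -ltr"
```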
Enable Passwordless login using ssh keys and ssh copy id command
Instead of using a password to log in, you should always be able to connect to these remote servers without entering the password. For that, you need to make sure you have a private key and a public key generated on your source and make sure the contents of the public key from your PC are copied to authorized_keys in the remote machine.
Instead of manually copying, some commands are available using ssh itself.
Copy the public key details into the authorized_keys so that passwordless login is enabled between your source and remote servers.
Make sure you have a private key and a public key generated
This process can also be done in PowerShell or the Mac terminal; here it is shown using an Ubuntu-based machine.
Verify if the public and private key files are generated in your source machine.
If you don’t have a public key and private key generated, run the ssh-keygen command, which comes as part of ssh, to generate a public key and a private key.
The default private key file name is id_rsa and the default public key file name is id_rsa.pub.
The files are generated in /home/username/.ssh/
You can add a passphrase when prompted; having a passphrase adds additional security.
As you can see the keys are generated
If you have a password login to the remote machine, then you should be able to copy the contents of the id_rsa.pub to authorized_keys on the remote machine for the given user, then you should be able to connect to the remote machine using that user without entering the password.
Instead of copying manually, you should be able to use the command,
ssh-copy-id ubuntu@ec2-54-163-41-150.compute-1.amazonaws.com
As you enabled the password to log in, enter the password when prompted, then the id_rsa.pub contents will be copied to authorized keys. It won’t prompt for the password going forward.
As you can see the process is successful. Validate the passwordless login by using the command that is given below,
ssh 'ubuntu@ec2-54-163-41-150.compute-1.amazonaws.com'
As you can see the passwordless login is successful, by copying the contents from the public key to authorized_keys.
This is how you should be able to leverage ssh-copy-id once you have the private key and public key combination on the source to enable passwordless login to the remote server.
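The manual copy of id_rsa.pub into authorized_keys described above, as an added shell example that is not part of the original article and is not ssh-copy-id's own code. authorize_key is a hypothetical helper, and the key string is a constructed sample rather than a usable public key.

```sh
#!/bin/sh
# Added example: append a public key to authorized_keys by hand, with the
# directory and file modes sshd expects. SAMPLE_PUB is a constructed string.

SAMPLE_PUB='ssh-rsa AAAAB3NzaC1yc2E-CONSTRUCTED-SAMPLE user@source'

# Append one public-key line to <home>/.ssh/authorized_keys.
#   $1 = public key line, $2 = home directory of the remote user
authorize_key() {
  pub=$1 sshdir=$2/.ssh
  auth=$sshdir/authorized_keys
  # Accept a single line only: an embedded newline would add a second,
  # unreviewed entry to authorized_keys.
  [ "$(printf '%s\n' "$pub" | wc -l)" -eq 1 ] || return 1
  # sshd (StrictModes, on by default) ignores the file if the directory
  # or the file is writable by group or others.
  mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
  touch "$auth" && chmod 600 "$auth" || return 1
  # Fixed-string, whole-line match keeps repeated runs from duplicating the key.
  grep -qxF -- "$pub" "$auth" || printf '%s\n' "$pub" >> "$auth"
}

# Usage on the remote host: authorize_key "$(cat id_rsa.pub)" "$HOME"
```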
Terminate AWS EC2 Instances used for the demo
Terminate both the instances that were created for the demo. To do that, go to the EC2 management console and open Instances.
Select the demo instances that you created, then click on Instance state (or right-click on the instances) and choose to terminate the instances that you created.
Make sure you review the instances you will terminate, so you won’t accidentally terminate your other important instances.
Thanks to Vamsi Penmetsa